package com.leapcloud.crm.server.config;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
public class MonitorConfig extends WebSecurityConfigurerAdapter {

  @Override
  protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests().antMatchers("/actuator/**").authenticated()
        .anyRequest().permitAll()
        .and().httpBasic()
        .and().headers().xssProtection().disable()
        .and().headers().frameOptions().disable()
        .and().headers().contentTypeOptions().disable()
        .and().csrf().disable();
  }

}